
[LOG] msconfig.exe deleted


  • This topic is locked

#1 Redmen800


Posted 07 July 2011 - 10:36 AM

Hello,

My computer was doing strange things: DNS-lookup errors, black screens, sometimes it took ages to start a program. All the antivirus programs didn't find anything. A friend told me to run ComboFix. I followed the tutorial and now I was told to post the log. I remarked that msconfig.exe had been deleted. Is this an indication of malware? Here is the log:

ComboFix 11-07-07.02 - Alexander 07-07-2011  16:43:06.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.31.1043.18.2813.1869 [GMT 2:00]
Gestart vanuit: c:\users\Alexander\Desktop\ComboFix.exe
AV: McAfee Antivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Antivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\msconfig.exe
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2011-06-07 to 2011-07-07  ))))))))))))))))))))))))))))))
.
.
2011-07-07 15:00 . 2011-07-07 15:01	--------	d-----w-	c:\users\Alexander\AppData\Local\temp
2011-07-07 15:00 . 2011-07-07 15:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-07-07 14:40 . 2011-07-07 14:40	--------	d-----w-	C:\32788R22FWJFW
2011-07-06 14:29 . 2011-07-06 14:29	--------	d-----w-	c:\programdata\PMS
2011-07-06 14:28 . 2011-07-06 14:31	--------	d-----w-	c:\program files\PS3 Media Server
2011-07-06 12:30 . 2011-07-06 12:31	--------	d-----w-	c:\users\Alexander\AppData\Local\{92660A92-F7C1-4F51-A12E-BDEE7D6C3CE1}
2011-07-05 09:20 . 2011-06-07 15:55	7074640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{00C09DD0-273E-4DF4-AA93-F350FD073E15}\mpengine.dll
2011-07-01 07:31 . 2011-07-01 07:31	--------	d-----w-	c:\users\Alexander\AppData\Local\{4A84E6BC-248B-4647-A598-45F7E2DF82EA}
2011-06-30 13:56 . 2011-06-30 13:56	--------	d-----w-	c:\program files\Common Files\Java
2011-06-30 13:49 . 2011-06-30 13:49	--------	d-----w-	c:\users\Alexander\AppData\Local\{757F0F28-4CEE-48A0-8F29-835D979136C7}
2011-06-29 14:47 . 2011-06-29 14:47	--------	d-----w-	c:\users\Alexander\AppData\Local\{82E58C4F-C23A-430D-936B-B8C860D7EAB2}
2011-06-29 13:32 . 2011-04-29 15:59	276992	----a-w-	c:\windows\system32\schannel.dll
2011-06-25 16:48 . 2011-06-25 16:51	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Folding@home-x86
2011-06-25 16:48 . 2011-06-25 16:48	--------	d-----w-	c:\program files\Folding@home
2011-06-23 08:45 . 2011-06-23 08:45	--------	d-----w-	c:\users\Alexander\AppData\Local\{B4B3EC40-960C-4FF2-9CD1-3E91931CC515}
2011-06-23 08:30 . 2011-06-23 08:30	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Adobe Mini Bridge CS5.1
2011-06-23 08:30 . 2011-06-23 08:30	--------	d-----w-	c:\users\Alexander\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-06-22 19:21 . 2011-06-22 19:21	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2011-06-22 15:56 . 2011-06-22 15:56	--------	d-----w-	c:\users\Alexander\AppData\Roaming\gtk-2.0
2011-06-22 15:56 . 2011-06-22 15:56	--------	d-----w-	c:\users\Alexander\.thumbnails
2011-06-22 15:53 . 2011-06-22 16:04	--------	d-----w-	c:\users\Alexander\.gimp-2.6
2011-06-22 15:52 . 2011-06-22 15:52	--------	d-----w-	c:\program files\GIMP-2.0
2011-06-22 15:30 . 2011-06-22 15:32	--------	d-----w-	c:\users\Alexander\AppData\Roaming\XnView
2011-06-22 13:09 . 2011-06-22 13:09	--------	d-----w-	c:\users\Alexander\AppData\Local\{5421CBB7-C552-4D3B-B216-80CF1B9F70D7}
2011-06-21 06:33 . 2011-06-21 06:34	--------	d-----w-	c:\users\Alexander\AppData\Local\{78790A04-1572-4D4D-9E88-267A83486C42}
2011-06-20 13:40 . 2011-06-20 13:40	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Microsoft Games
2011-06-19 18:52 . 2011-06-19 18:52	--------	d-----w-	c:\users\Alexander\AppData\Local\{89861B5C-8667-4538-8529-DA142903BC42}
2011-06-18 12:09 . 2011-06-18 12:09	--------	d-----w-	c:\users\Alexander\AppData\Local\{8F5E79FF-E3D4-451E-9051-506029B2A2B2}
2011-06-15 11:55 . 2011-04-25 15:29	141104	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 11:55 . 2011-04-22 23:25	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-06-15 11:55 . 2011-04-22 23:35	1797632	----a-w-	c:\windows\system32\jscript9.dll
2011-06-15 10:55 . 2011-04-14 14:59	75264	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-06-15 10:54 . 2011-04-29 13:25	146432	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-15 10:54 . 2011-04-29 13:25	102400	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-15 10:54 . 2011-04-21 13:58	273408	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-15 10:54 . 2010-12-20 16:35	563712	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-15 10:54 . 2011-05-02 17:16	739328	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-15 10:54 . 2011-04-29 13:24	214016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 10:54 . 2011-04-29 13:24	79872	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 10:54 . 2011-04-29 13:24	106496	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 10:53 . 2011-05-02 12:02	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-06-13 11:52 . 2011-06-13 11:52	--------	d-----w-	c:\program files\iPod
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2010-12-24 18:37	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-05-16 15:11 . 2011-05-16 15:11	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-11 14:26 . 2011-04-29 14:34	36928	----a-w-	c:\windows\system32\drivers\pssdk41.sys
2011-05-10 06:06 . 2011-05-10 06:06	4517664	----a-w-	c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06	42496	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2011-05-04 02:52 . 2010-12-27 15:10	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-04-14 12:01 . 2010-12-25 12:25	9344	----a-w-	c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-12-25 12:24	84488	----a-w-	c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-12-25 12:24	64584	----a-w-	c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-12-25 12:24	56064	----a-w-	c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-12-25 12:24	52320	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2011-04-14 12:01 . 2010-12-25 12:24	314088	----a-w-	c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-12-25 12:24	165032	----a-w-	c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-12-25 12:24	153280	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-12-25 12:23	141792	----a-w-	c:\windows\system32\mfevtps.exe
2011-04-14 12:01 . 2010-08-24 19:57	95824	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2011-04-14 12:01 . 2010-08-24 19:57	387480	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2011-04-11 15:46 . 2011-04-11 15:46	74703	----a-w-	c:\windows\system32\mfc45.dll
2011-03-18 18:03 . 2011-04-17 10:00	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2011-04-19 14:55	24376	----a-w-	c:\program files\mozilla firefox\components\Scriptff.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	87304	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-03-02 15:23	68216	----a-w-	c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-03-15 3278232]
"Steam"="c:\program files\Steam\steam.exe" [2011-04-24 1242448]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1195408]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 198904]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-04-14 84488]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 81168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [2011-05-11 36928]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S0 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2007-04-03 35712]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-04-14 64584]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-04-14 165032]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-04-14 141792]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-04-14 56064]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-04-14 314088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-26 13:20]
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-26 13:20]
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2568321160-842720230-811333349-1003Core.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 13:20]
.
2011-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2568321160-842720230-811333349-1003UA.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 13:20]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.youtube.com/
mStart Page = hxxp://nl.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download alle links met IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video inhoud met IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download met IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.2
FF - ProfilePath - c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\dgpg4dtj.default\
.
.
------- Bestandsassociaties -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-07 17:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ... 
.
scannen van verborgen autostart items ... 
.
scannen van verborgen bestanden ... 
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2568321160-842720230-811333349-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):cc,01,48,4d,7a,76,78,55,c1,22,f8,17,82,b5,76,a5,7d,74,ee,2f,99,
   62,d0,c4,6a,e1,1d,78,8b,85,ed,97,2a,4f,bc,50,ca,32,bb,c4,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2568321160-842720230-811333349-1003_Classes\CLSID\{84c30889-b726-44ea-ba16-124bb80b053a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000069
"Therad"=dword:00000019
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2011-07-07  17:15:46
ComboFix-quarantined-files.txt  2011-07-07 15:15
.
Pre-Run: 12.443.123.712 bytes beschikbaar
Post-Run: 12.283.842.560 bytes beschikbaar
.
- - End Of File - - C3BF7AF32E0FF8998F18D59FB10192CD

Thanks,

Redmen800

EDIT: My computer is now running fine for an hour!

Edited by Redmen800, 07 July 2011 - 10:37 AM.




#2 CatByte


Posted 23 July 2011 - 10:29 AM

How is your computer running?

Do you have any outstanding issues?

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte


Posted 29 July 2011 - 09:05 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.





